Removed unnecessary code, added authentication for clients controller for admin

This commit is contained in:
Saurabh Bhatia 2014-02-13 16:58:01 +08:00
parent fb5a13df14
commit feb1deba84
3 changed files with 5 additions and 6 deletions

View File

@ -17,14 +17,14 @@ module Api
def restrict_access
authenticate_or_request_with_http_token do |token, options|
ApiKey.pluck(:access_token).include?(token)
end
ApiKey.pluck(:access_token).include?(token)
end
end
def verify_client
site_token = request.headers[:HTTP_X_SITETOKEN]
site_id = request.headers[:HTTP_X_SITEID]
client_status = Client.where(site_token: site_token).where(site_id: site_id).present?
client_status = Client.where(site_token: site_token).where(site_id: site_id).present?
end
def render_unauthorized

View File

@ -1,5 +1,6 @@
class ClientsController < ApplicationController
before_action :set_client, only: [:show, :edit, :update, :destroy]
before_filter :authenticate_user!, only: [:new, :edit, :create, :update, :destroy]
# GET /clients
# GET /clients.json

View File

@ -12,9 +12,7 @@ Mtstore::Application.routes.draw do
scope module: :v1, constraints: ApiConstraints.new(version: 1, default: :true) do
resources :templates
resources :extensions
resources :clients do
post 'verify_client', on: :collection
end
resources :clients
end
end
resources :templates